Avira Virus and malwarebytes downloads stopped by malware

koalady

Member
Member
Messages
12
Location
Umina Beach, Central Coast NSW
My antivirus license expired while the machine was disused for months. Before I could reactivate it, malware invaded:
a browser address and search bar hijacker: SNAPDO.COM
I have removed similar ones on another machine, using malwarebytes.
But now this seems smart enough to abort the downloads of both avira antivirus, and malwarebytes.
I therefore tried SuperAntiSpyware.com. Same effect.
Any help would be much appreciated!
 
1) try booting in safe mode to do the download / install
2) get someone else/use another PC to download and create a bootable DVD/USB stick with the AV on it.
 
Yepperz, it would be a good idea to d/l some malware cleaners on another PC. But you may be able to access anti malware sites by going into safe mode as suggested by Wullail.

I don't know if access to this site will be blocked by the malware, but you can attempt to d/l & stop the processes by running RKill. Do Not reboot after running this program.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.

We offer RKill under different filenames because some malware will not allow processes to run unless they have a certain filename. Therefore when attempting to run RKill, if a malware terminates it please try a different filename offered below.

If you can get RKill to stop the processes on your PC, then you may be able to access the anti malware sites & d/l some tools to take care of this problem from the infected PC.

Another option you can try is SuperAntiSpyware Portable. It's saved as a .com file with a random name. If you can't get to the site you'll need to d/l it on a clean PC to a flash drive.
Please note : The scanner is saved under a random filename so that malware infections won't block its execution.

Another suggested tool would be AdwCleaner.

AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer. By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.

And, Malwarebytes is always a good choice.

You also have the option of doing a Refresh or a Reset.

http://www.eightforums.com/tutorials/2293-refresh-windows-8-a.html

http://www.eightforums.com/tutorials/2302-reset-windows-8-a.html
 
Last edited:
Avira Virus...

Thank you Wullail for Safe Mode suggestion. Also X, a moderator - whose message appears to have been now removed.
Unfortunately, and astonishingly, I was totally unable to get into Safe Mode. Because the system insisted on doing Updates first. As the machine had hardly been used and was idle for the last 8 months, this took a long time, about 15 minutes. But then -- it gave up and showed a 'Failed... Reverting Updates' message for the next 20 minutes!
The simple method from X-moderator also went nowhere.

- new reply from Borg 386. Thank you for your multiple suggestions! Very sophisticated and surely one should work! I will now attempt to follow them. Unfortunately this computer IS the reserve computer, only being used because my Windows 7 computer blew up with a wholly different problem! (noted on sevenForums)
 
I hope you get it sorted out. Let us know.

I'm going to go ahead & suggest that you also try running TDSSKiller, simply because there has been a rash of rootkits out there & it wouldn't hurt. The scan doesn't take much time & the programs sole purpose is to detect rootkits.

When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.

TDSSKiller Download


 
foiled by system's insistence on updates

Replying to Borg386, sorry for long delay. Your suggestions about rootkits etc., and from others, all made sense. But alas, now the machine refuses to get past trying, and failing, to finish installing updates! It looks as if I need to start from scratch, which here means installing Windows 8.1. As this is likely to be a hornet's nest, and this is a backup machine, I keep on putting it off...
Thanks again to everybody for your help
 
Sometimes starting over is the best thing if your machine is severely compromised. Assuming you had a rootkit, some of them can survive a reinstall unless you wipe the HDD to get rid of the hidden boot partition. Here is a list of drive wipers you can use. Since you are starting over, it would be a good idea to wipe the drive just to be sure.

Five hard disk cleaning and erasing tools - TechRepublic

And here is the tutorial to a clean install.

http://www.eightforums.com/tutorials/2299-clean-install-windows-8-a.html

Hope all goes well & you get it sorted.

Here is something you may find helpful in the future. Making a system image can save you time & they are good to have around in case something like this happens again.

http://www.eightforums.com/tutorials/8956-system-image-create-windows-8-a.html
 
I also make system images using True Image. Since I do this frequently I feel totally safe. If anything happens I have always got at least 4 to 5 different Images (differential backups) to restore. This way I will never have to reinstall Windows 8.1 again.

Oh, almost vorgotten: I too recommend a complete wipe of the harddisk (backup your data first, if you cannot boot Windows anymore you could use a Linux live CD/ DVD). Afterwards you can reinstall Windows and start over again. Always better than trying to fix a compromised pc, spending hours and in the end not beeing sure whether the malware is really gone or not.
 
Back
Top